Vulnerability identifier: #VU35777
Vulnerability risk: Medium
Exploitation vector: Network
Exploit availability: No
Pulse Connect Secure
Server applications / Remote access servers, VPN
Vendor: Pulse Secure
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
A hidden RPC service issue was found with Pulse Secure Pulse Connect Secure 8.3RX before 8.3R2 and 8.1RX before 8.1R12.
Install update from vendor's website.
Vulnerable software versions
Pulse Connect Secure: 8.1 - 8.3
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?